sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-26 18:50:30 +03:00
Code

build: Enable NTVFS file server to be omitted

Browse Source 
We now only build it by default with --enable-sefltest, or otherwise
if requested.

The NTVFS file server still has features not present in the smbd file
server, such as a CIFS/SMB proxy, and a radically different design,
but it is also not undergoing any ongoing development so this keeps it
in a safe state for care and maintaince, with less of a security risk
if such an issue were to come up.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Andrew Bartlett 2015-10-10 09:30:17 +13:00 committed by Jeremy Allison
parent 0ccf842e12
commit 71dcc76b70
9 changed files with 77 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
python/pyglue.c
View File

@ -121,6 +121,15 @@ static PyObject *py_get_debug_level(PyObject *self)
return PyInt_FromLong(DEBUGLEVEL);
}
static PyObject *py_is_ntvfs_fileserver_built(PyObject *self)
{
#ifdef WITH_NTVFS_FILESERVER
Py_RETURN_TRUE;
#else
Py_RETURN_FALSE;
#endif
}
/*
return the list of interface IPs we have configured
takes an loadparm context, returns a list of IPs in string form
@ -267,6 +276,8 @@ static PyMethodDef py_misc_methods[] = {
"(for testing) compare two strings using Samba's strcasecmp_m()"},
{ "strstr_m", (PyCFunction)py_strstr_m, METH_VARARGS,
"(for testing) find one string in another with Samba's strstr_m()"},
{ "is_ntvfs_fileserver_built", (PyCFunction)py_is_ntvfs_fileserver_built, METH_NOARGS,
"is the NTVFS file server built in this installation?" },
{ NULL }
};

1
python/samba/__init__.py
View File

@ -374,3 +374,4 @@ unix2nttime = _glue.unix2nttime
generate_random_password = _glue.generate_random_password
strcasecmp_m = _glue.strcasecmp_m
strstr_m = _glue.strstr_m
is_ntvfs_fileserver_built = _glue.is_ntvfs_fileserver_built

37
python/samba/netcmd/domain.py
View File

@ -224,7 +224,7 @@ class cmd_domain_provision(Command):
Option("--ol-mmr-urls", type="string", metavar="LDAPSERVER",
help="List of LDAP-URLS [ ldap://<FQHN>:<PORT>/ (where <PORT> has to be different than 389!) ] separated with comma (\",\") for use with OpenLDAP-MMR (Multi-Master-Replication), e.g.: \"ldap://s4dc1:9000,ldap://s4dc2:9000\""),
Option("--use-xattrs", type="choice", choices=["yes", "no", "auto"], help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto"),
Option("--use-ntvfs", action="store_true", help="Use NTVFS for the fileserver (default = no)"),
Option("--use-rfc2307", action="store_true", help="Use AD to store posix attributes (default = no)"),
]
@ -239,9 +239,16 @@ class cmd_domain_provision(Command):
Option("--ldap-backend-nosync", help="Configure LDAP backend not to call fsync() (for performance in test environments)", action="store_true"),
]
ntvfs_options = [
Option("--use-ntvfs", action="store_true", help="Use NTVFS for the fileserver (default = no)"),
]
if os.getenv('TEST_LDAP', "no") == "yes":
takes_options.extend(openldap_options)
if samba.is_ntvfs_fileserver_built():
takes_options.extend(ntvfs_options)
takes_args = []
def run(self, sambaopts=None, versionopts=None,
@ -490,8 +497,6 @@ class cmd_domain_dcpromo(Command):
action="store_true"),
Option("--machinepass", type=str, metavar="PASSWORD",
help="choose machine password (otherwise random)"),
Option("--use-ntvfs", help="Use NTVFS for the fileserver (default = no)",
action="store_true"),
Option("--dns-backend", type="choice", metavar="NAMESERVER-BACKEND",
choices=["SAMBA_INTERNAL", "BIND9_DLZ", "NONE"],
help="The DNS server backend. SAMBA_INTERNAL is the builtin name server (default), "
@ -502,6 +507,14 @@ class cmd_domain_dcpromo(Command):
Option("--verbose", help="Be verbose", action="store_true")
]
ntvfs_options = [
Option("--use-ntvfs", action="store_true", help="Use NTVFS for the fileserver (default = no)"),
]
if samba.is_ntvfs_fileserver_built():
takes_options.extend(ntvfs_options)
takes_args = ["domain", "role?"]
def run(self, domain, role=None, sambaopts=None, credopts=None,
@ -569,8 +582,6 @@ class cmd_domain_join(Command):
help="choose machine password (otherwise random)"),
Option("--adminpass", type="string", metavar="PASSWORD",
help="choose adminstrator password when joining as a subdomain (otherwise random)"),
Option("--use-ntvfs", help="Use NTVFS for the fileserver (default = no)",
action="store_true"),
Option("--dns-backend", type="choice", metavar="NAMESERVER-BACKEND",
choices=["SAMBA_INTERNAL", "BIND9_DLZ", "NONE"],
help="The DNS server backend. SAMBA_INTERNAL is the builtin name server (default), "
@ -581,6 +592,13 @@ class cmd_domain_join(Command):
Option("--verbose", help="Be verbose", action="store_true")
]
ntvfs_options = [
Option("--use-ntvfs", help="Use NTVFS for the fileserver (default = no)",
action="store_true")
]
if samba.is_ntvfs_fileserver_built():
takes_options.extend(ntvfs_options)
takes_args = ["domain", "role?"]
def run(self, domain, role=None, sambaopts=None, credopts=None,
@ -1358,8 +1376,6 @@ class cmd_domain_classicupgrade(Command):
Option("--verbose", help="Be verbose", action="store_true"),
Option("--use-xattrs", type="choice", choices=["yes","no","auto"], metavar="[yes|no|auto]",
help="Define if we should use the native fs capabilities or a tdb file for storing attributes likes ntacl, auto tries to make an inteligent guess based on the user rights and system capabilities", default="auto"),
Option("--use-ntvfs", help="Use NTVFS for the fileserver (default = no)",
action="store_true"),
Option("--dns-backend", type="choice", metavar="NAMESERVER-BACKEND",
choices=["SAMBA_INTERNAL", "BIND9_FLATFILE", "BIND9_DLZ", "NONE"],
help="The DNS server backend. SAMBA_INTERNAL is the builtin name server (default), "
@ -1369,6 +1385,13 @@ class cmd_domain_classicupgrade(Command):
default="SAMBA_INTERNAL")
]
ntvfs_options = [
Option("--use-ntvfs", help="Use NTVFS for the fileserver (default = no)",
action="store_true")
]
if samba.is_ntvfs_fileserver_built():
takes_options.extend(ntvfs_options)
takes_args = ["smbconf"]
def run(self, smbconf=None, targetdir=None, dbdir=None, testparm=None,

2
source4/smb_server/smb/wscript_build
View File

@ -5,6 +5,6 @@ bld.SAMBA_SUBSYSTEM('SMB_PROTOCOL',
autoproto='smb_proto.h',
deps='dfs_server_ad',
public_deps='ntvfs LIBPACKET samba-credentials samba_server_gensec',
enabled=bld.AD_DC_BUILD_IS_ENABLED()
enabled=bld.CONFIG_SET('WITH_NTVFS_FILESERVER')
)

2
source4/smb_server/smb2/wscript_build
View File

@ -4,6 +4,6 @@ bld.SAMBA_SUBSYSTEM('SMB2_PROTOCOL',
source='receive.c negprot.c sesssetup.c tcon.c fileio.c fileinfo.c find.c keepalive.c',
autoproto='smb2_proto.h',
public_deps='ntvfs LIBPACKET LIBCLI_SMB2 samba_server_gensec NDR_DFSBLOBS',
enabled=bld.AD_DC_BUILD_IS_ENABLED()
enabled=bld.CONFIG_SET('WITH_NTVFS_FILESERVER')
)

4
source4/smb_server/wscript_build
View File

@ -7,14 +7,14 @@ bld.SAMBA_MODULE('service_smb',
init_function='server_service_smb_init',
deps='SMB_SERVER netif shares samba-hostconfig',
internal_module=False,
enabled=bld.AD_DC_BUILD_IS_ENABLED()
enabled=bld.CONFIG_SET('WITH_NTVFS_FILESERVER')
)
bld.SAMBA_SUBSYSTEM('SMB_SERVER',
source='handle.c tcon.c session.c blob.c management.c smb_server.c',
autoproto='smb_server_proto.h',
public_deps='share LIBPACKET SMB_PROTOCOL SMB2_PROTOCOL',
enabled=bld.AD_DC_BUILD_IS_ENABLED()
enabled=bld.CONFIG_SET('WITH_NTVFS_FILESERVER')
)
bld.RECURSE('smb')

2
source4/torture/rpc/rpc.c
View File

@ -489,7 +489,7 @@ NTSTATUS torture_rpc_init(void)
torture_suite_add_suite(suite, torture_rpc_object_uuid(suite));
torture_suite_add_suite(suite, torture_rpc_winreg(suite));
torture_suite_add_suite(suite, torture_rpc_spoolss(suite));
#ifdef AD_DC_BUILD_IS_ENABLED
#ifdef WITH_NTVFS_FILESERVER
torture_suite_add_suite(suite, torture_rpc_spoolss_notify(suite));
#endif
torture_suite_add_suite(suite, torture_rpc_spoolss_win(suite));

14
source4/torture/wscript_build
View File

@ -32,11 +32,13 @@ bld.RECURSE('winbind')
bld.RECURSE('libnetapi')
bld.RECURSE('libsmbclient')
heimdal_specific = dict(source='', deps='')
ntvfs_specific = dict(source='', deps='')
if bld.CONFIG_SET('AD_DC_BUILD_IS_ENABLED'):
heimdal_specific['source'] += ' rpc/spoolss_notify.c'
heimdal_specific['deps'] += ' SMB_SERVER dcerpc_server ntvfs'
# Yes, the spoolss_notify test uses the NTVFS file server to run the SMB server expected
# to handle the RPC callback!
if bld.CONFIG_SET('WITH_NTVFS_FILESERVER'):
ntvfs_specific['source'] += ' rpc/spoolss_notify.c'
ntvfs_specific['deps'] += ' SMB_SERVER dcerpc_server ntvfs'
bld.SAMBA_SUBSYSTEM('TORTURE_NDR',
source='''ndr/ndr.c
@ -119,7 +121,7 @@ bld.SAMBA_MODULE('torture_rpc',
rpc/clusapi.c
rpc/witness.c
rpc/backupkey.c
''' + heimdal_specific['source'],
''' + ntvfs_specific['source'],
autoproto='rpc/proto.h',
subsystem='smbtorture',
init_function='torture_rpc_init',
@ -165,7 +167,7 @@ bld.SAMBA_MODULE('torture_rpc',
RPC_NDR_CLUSAPI
RPC_NDR_WITNESS
RPC_NDR_BACKUPKEY
''' + heimdal_specific['deps'],
''' + ntvfs_specific['deps'],
internal_module=True)
bld.RECURSE('drs')

22
wscript
View File

@ -53,6 +53,14 @@ def set_options(opt):
help='disable AD DC functionality (enables Samba 4 client and Samba 3 code base).',
action='store_true', dest='without_ad_dc', default=False)
opt.add_option('--with-ntvfs-fileserver',
help='enable the depricated NTVFS file server from the original Samba4 branch (default if --enable-selftest specicifed). Conflicts with --with-system-mitkrb5 and --without-ad-dc',
action='store_true', dest='with_ntvfs_fileserver')
opt.add_option('--without-ntvfs-fileserver',
help='disable the depricated NTVFS file server from the original Samba4 branch',
action='store_false', dest='with_ntvfs_fileserver')
opt.add_option('--with-pie',
help=("Build Position Independent Executables " +
"(default if supported by compiler)"),
@ -132,6 +140,7 @@ def configure(conf):
conf.PROCESS_SEPARATE_RULE('system_mitkrb5')
if not (Options.options.without_ad_dc or Options.options.with_system_mitkrb5):
conf.DEFINE('AD_DC_BUILD_IS_ENABLED', 1)
# Only process heimdal_build for non-MIT KRB5 builds
# When MIT KRB5 checks are done as above, conf.env.KRB5_VENDOR will be set
# to the lowcased output of 'krb5-config --vendor'.
@ -154,6 +163,19 @@ def configure(conf):
conf.RECURSE('lib/resolv_wrapper')
conf.RECURSE('lib/socket_wrapper')
conf.RECURSE('lib/uid_wrapper')
if Options.options.with_ntvfs_fileserver != False:
if not (Options.options.without_ad_dc or Options.options.with_system_mitkrb5):
conf.DEFINE('WITH_NTVFS_FILESERVER', 1)
if Options.options.with_ntvfs_fileserver == False:
if not (Options.options.without_ad_dc or Options.options.with_system_mitkrb5):
raise Utils.WafError('--without-ntvfs-fileserver conflicts with --enable-selftest while building the AD DC')
if Options.options.with_ntvfs_fileserver == True:
if Options.options.without_ad_dc:
raise Utils.WafError('--with-ntvfs-fileserver conflicts with --without-ad-dc')
if Options.options.with_system_mitkrb5:
raise Utils.WafError('--with-ntvfs-fileserver conflicts with --with-system-mitkrb5')
conf.DEFINE('WITH_NTVFS_FILESERVER', 1)
conf.RECURSE('source3')
conf.RECURSE('lib/texpect')
if conf.env.with_ctdb: